Who we are
We are Staveley and Copgrove Parish Council.
Our website address is: https://staveleyandcopgrovepc.org.uk.
We can be contacted via email at firstname.lastname@example.org.
What personal data we collect and why we collect it
When visitors register with the website we collect the data shown in the new account form. We send you an email with a system generated password you need to log in to the site. You can change the password to one of your choice once you have logged in to the site.
We store the personal information provided in the user profile in a password-protected database. All users can see, edit, or delete their own personal information at any time (except they cannot change their username). Website administrators can also see and edit personal information. The registered user’s password is stored in an encrypted format in the database and cannot be read by any website administrator. Access to the database is by password only. The database password is available to all Councillors and the Clerk as well as the website administrators.
Personal account data is used to identify visitors leaving comments on the News page.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article (a post), an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We offer a newsletter service which is emailed to subscribers on a periodic basis. When visitors subscribe to the newsletter, we collect the data shown in the sign up form. We send you an email to confirm the subscription. You can unsubscribe from the newsleter service at any time. We store the personal information provided in the same way as for a personal account detailed above.
We do not perform any analysis of visits to this website.
Who we share your data with
We do not share your persdonal data with any third party.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we store the personal information they provide indefinitely. All users can see, edit, or delete their own personal information at any time (except they cannot change their username).
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Under the General Data Protection Regulation (GDPR) you have a number of important rights. In summary, these include rights to:
- fair processing of information and transparency over how we use your personal information
- access to your personal information and to certain other supplementary information that this notice is designed to address
- require us to correct any mistakes in your information that we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to a third party in certain situations
- object at any time to the processing of personal information concerning you for direct marketing
- object to decisions being taked by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain situations to our continued processing of your personal information
- otherwise restict our processing of your personal information in certain circumstances
- claim compensation for damages cause by our breach of any data protection laws.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
If you have a privacy specific concern, you may contact our Data Protection Officer. This role is currently carried out by the Local Council Public Advisory Servie (LCPAS) on our befalf. LCPAS may be contacted at
The Vision Centre,
5 Eastern Way,
Bury St Edmunds,
Suffolk IP32 7AB
Tel: 01284 766885
How we protect your data
We have security measures, as described above, to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
What data breach procedures we have in place
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Whilst we will use all reasonable efforts to secure your personal data, in using this site you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security and integrity of any personal data that is transferred from you or to you via the internet.
What third parties we receive data from
We do not receive any data from third parties.
What automated decision making and/or profiling we do with user data
We do not use any automated decision making or profiling using personal data.
Industry regulatory disclosure requirements
The Parish Council does not have any regulatory disclosure requirements that have not been covered above.